--- Slides WiP ---
- The lecture is organized by the Chair of Decentralized Systems Engineering at TU Munich.

- Cloud security
  - Overview
  - Hardware as the root of trust

- System security principles
  - Confidentiality, integrity, and freshness
  - Isolation
  - Least privilege
  - Compartmentalization
  - Threat model

- Attack vectors
  - Denial of service
  - Information leakage
  - Confused deputy
  - Privilege escalation
    - Control flow hijack
    - Code injection
    - Code reuse

- Attestation
  - Overview and basic principles
  - TPM-based attestation

- Confidential computing
  - Overview
  - Intel SGX: Software Guard Extensions
  - ARM TrustZone / ARM Realms
  - AMD SEV: Secure Encrypted Virtualization

- Memory safety
  - Overview
  - Intel MPX: Memory Protection Extensions
  - CHERI

- Memory protection
  - Overview
  - MMU/IOMMU
  - Intel MPK: Memory Protection Keys
  - ARM MTE: Memory Tagging Extension

- Control flow integrity
  - Overview
  - Intel CET: Control-Flow Enforcement Technology
  - ARM PA: Pointer Authentication

- Open hardware for security research
  - RISC-V basics
  - Keystone
  - OpenTitan

- Hardware virtualization
  - Overview
  - Intel VT-x: Virtualization Technology
  - KVM
  - QEMU

For any further questions/comments, please contact the course organizer: